package com.ys.shiro;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.ys.entity.sys.SysAdmin;
import com.ys.entity.sys.SysButton;
import com.ys.entity.sys.SysMenu;
import com.ys.enume.sys.SysMenuEnum;
import com.ys.mapper.sys.SysDiySqlMapper;
import com.ys.util.AESUtil;

public class UserRealm extends AuthorizingRealm {
	
	@Autowired
	private SysDiySqlMapper sysDiySqlMapper;
	
	// 授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		System.out.println("执行了=》授权doGetAuthorizationInfo");
		
		//1.通过主体传过来的认证信息中去获取用户名
        String userName = (String) principalCollection.getPrimaryPrincipal();
        System.out.println("userName---" + userName);
		
		// 权限列表
		List<String> listAuth = new ArrayList<String>();
//		list.add("sysMenu:view");
//		list.add("sysCol:view");
		Long sysRoleId = 0L;
		
		// 菜单权限
		List<SysMenu> listSysMenu;
		if (sysRoleId == 0L) {
			listSysMenu = new SysMenu().setLev(SysMenuEnum.Lev.THREE.value).queryList();
		} else {
			listSysMenu = sysDiySqlMapper.listSysMenuBySysRoleId(sysRoleId);
		}
		for(SysMenu sysMenu : listSysMenu) {
			System.out.println(sysMenu.getNameShiroAuth());
			listAuth.add(sysMenu.getNameShiroAuth());
		}
		
		// 按钮权限
		List<SysButton> listSysButton;
		if (sysRoleId == 0L) {
			listSysButton = new SysButton().queryList();
		} else {
			listSysButton = sysDiySqlMapper.listSysButtonBySysRoleId(sysRoleId);
		}
		for(SysButton sysButton : listSysButton) {
			System.out.println(sysButton.getNameShiroAuth());
			listAuth.add(sysButton.getNameShiroAuth());
		}
		
		Set<String> permissions = new HashSet<String>(listAuth);
		
		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.setStringPermissions(permissions);
		return simpleAuthorizationInfo;
	}

	// 认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
			throws AuthenticationException {
		System.out.println("认证：=》doGetAuthenticationInfo");
		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
		// 用户名，密码 数据库中取
		String loginName = token.getUsername();
		SysAdmin admin = new SysAdmin().setLoginName(loginName).queryFirst();
		String password = AESUtil.aesDecrypt(admin.getLoginPass());
		System.out.println("Username---" + token.getUsername());
		
		// 密码认证，shiro做
		return new SimpleAuthenticationInfo(token.getUsername(), password, "");
	}

}
